Fortinet Security Expert NSE4 Questions & Answers

• Question 1:

  Which of the following are possible actions for static URL filtering? (Choose three.)

  A. Allow

  B. Block

  C. Exempt

  D. Warning

  E. Shape

  Correct Answer: ABC

• Question 2:

  What actions are possible with Application Control? (Choose three.)

  A. Warn

  B. Allow

  C. Block

  D. Traffic Shaping

  E. Quarantine

  Correct Answer: BCD

• Question 3:

  Which antivirus inspection mode must be used to scan SMTP, FTP, POP3 and SMB protocols?

  A. Proxy-based.

  B. DNS-based.

  C. Flow-based.

  D. Man-in-the-middle.

  Correct Answer: C

• Question 4:

  Which of the following statements are correct concerning the IPsec phase 1 and phase 2, shown in the exhibit? (choose two)

  

  A. The quick mode selector in the remote site must also be 0.0.0.0/0 for the source and destination addresses.

  B. Only remote peers with the peer ID 'fortinet' will be able to establish a VPN.

  C. The FortiGate device will automatically add a static route to the source quick mode selector address received from each remote VPN peer.

  D. The configuration will work only to establish FortiClient-to-FortiGate tunnels. A FortiGate tunnel requires a different configuration.

  Correct Answer: CD

• Question 5:

  The order of the firewall policies is important. Policies can be re-ordered from either the GUI or the CLI. Which CLI command is used to perform this function?

  A. set order

  B. edit policy

  C. reorder

  D. move

  Correct Answer: D

• Question 6:

  Which statements are true regarding local user authentication? (Choose two.)

  A. Two-factor authentication can be enabled on a per user basis.

  B. Local users are for administration accounts only and cannot be used to authenticate network users.

  C. Administrators can create the user accounts in a remote server and store the user passwords locally in the FortiGate.

  D. Both the usernames and passwords can be stored locally on the FortiGate.

  Correct Answer: AD

• Question 7:

  Which statement regarding the firewall policy authentication timeout is true?

  A. It is an idle timeout. The FortiGate considers a user to be "idle" if it does not see any packets coming from the user's source IP.

  B. It is a hard timeout. The FortiGate removes the temporary policy for a user's source IP address after this timer has expired.

  C. It is an idle timeout. The FortiGate considers a user to be "idle" if it does not see any packets coming from the user's source MAC.

  D. It is a hard timeout. The FortiGate removes the temporary policy for a user's source MAC address after this timer has expired.

  Correct Answer: A

• Question 8:

  The exhibit shoes three static routes.

  

  Which routes will be used to route the packets to the destination IP address 172.20.168.1?

  A. The route with the ID number 2 and 3.

  B. Only the route with the ID number 3.

  C. Only the route with the ID number 2.

  D. Only the route with the ID number 1.

  Correct Answer: D

• Question 9:

  The exhibit is a screen shot of an Application Control profile.

  

  Different settings are circled and numbered. Select the number identifying the setting which will provide additional information about YouTube access, such as the name of the video watched.

  A. 1

  B. 2

  C. 3

  D. 4

  E. 5

  Correct Answer: D

• Question 10:

  In the debug command output shown in the exhibit, which of the following best described the MAC address 00:09:0f:69:03:7e ?

  

  A. It is one of the secondary MAC addresses of the port1 interface.

  B. It is the primary MAC address of the port interface.

  C. It is the MAC address of another network devices located in the same LAN segment as the FortiGate unit's port1 interface.

  D. It is the HA virtual MAC address.

  Correct Answer: C